Most of the time, we need to pass data from one page to another. The data can be passed either through a <form> tag or simply through a URL string, for example http://www.example.com/view_profile?id=12345

This section discusses how to protect the data we are transferring from tampering. A few methods can be implemented. The most straightforward method is to accept only data that meets fixed criteria: if we expect the input to contain only numbers, we can easily check that the input contains only numeric data.

Besides checking for allowed syntax and characters, we could apply hashing or encryption to the data to make sure the data we receive has not been tampered with.

Hashing sensitive data

Hashing is useful to detect tampering with data that is passed from one page to another. For instance, it is useful to pass an id variable from page to page as a user is browsing, but the user should not be able to change the value of the variable. By computing and sending a hash of the data, each successive page can verify, with a high certainty, that the value of the id variable has not been altered:

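// Secret known only to the server
$secret = 'MySecretWords';
// Value to protect from tampering
$id = 12345;
// MD5 hash of the secret concatenated with the id
$hash = md5($secret . $id);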

After hashing the id value with the secret, we get an MD5 hash value. This will be passed, along with the id value, to the next page for processing:

There is a disadvantage to using the hashing method discussed above; the value of id is visible to potentially malicious users. However, as long as the secret and the process for generating the hash (in this case, md5 is the hash algorithm, and the value hashed is the concatenation of $secret and $id) are unknown, malicious users will not be able to tamper with the id variable passed to the page.
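
The sign-and-verify round trip described above, as an added example that is not code from the original page. It swaps md5($secret . $id) for HMAC-SHA256 (hash_hmac), because a plain hash of secret-plus-data is open to length-extension forgery, and it compares signatures with hash_equals. The parameter name "sig" and the helper names sign_id(), build_url() and verify_id() are assumptions made for illustration.

```php
<?php
// Added example: sign the id on the sending page, verify it on the receiving page.
// SECRET, the "sig" parameter and all function names here are hypothetical.

const SECRET = 'MySecretWords'; // in practice: a long random key kept out of source control

// Sending page: keyed hash (HMAC-SHA256) over the id value.
function sign_id(string $id): string
{
    return hash_hmac('sha256', $id, SECRET);
}

function build_url(string $base, string $id): string
{
    return $base . '?' . http_build_query(['id' => $id, 'sig' => sign_id($id)]);
}

// Receiving page: returns the id as an int, or null if any check fails.
function verify_id(array $query): ?int
{
    $id  = $query['id']  ?? '';
    $sig = $query['sig'] ?? '';
    // Reject array parameters (?id[]=1), empty values and anything that is
    // not purely digits; cap the length so the int cast cannot overflow.
    if (!is_string($id) || !is_string($sig) || !ctype_digit($id) || strlen($id) > 18) {
        return null;
    }
    // hash_equals() compares in constant time, so response timing does not
    // reveal how much of a guessed signature matched.
    if (!hash_equals(sign_id($id), $sig)) {
        return null;
    }
    return (int) $id;
}

// Constructed sample requests.
$url = build_url('http://www.example.com/view_profile', '12345');
parse_str(parse_url($url, PHP_URL_QUERY), $good);   // untouched link

$tampered = $good;
$tampered['id'] = '12346';                          // id changed, old signature kept

var_dump(verify_id($good));
var_dump(verify_id($tampered));
var_dump(verify_id(['id' => '12345']));             // signature missing
```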

Encrypting sensitive data

Next, we will discuss how we can use symmetric keys to protect sensitive data without revealing the actual data value.

The concept is very similar to hashing the value, but instead we use a symmetric key to encrypt and decrypt the data.

The idea here is to URL-decode the input id value, then base64_decode it, and then apply the same algorithm again to recover the actual data, which is 12345 in this case.

The same idea can be applied to a session id to make sure it has not been tampered with. One caveat: encrypting and decrypting all data sent and received can consume a lot of CPU power, so make sure your system is sized appropriately.